Better test SSL certificate
This commit is contained in:
Eliot Berriot
parent
a575f92ad1
commit
f37996fdf6
|
|
@ -0,0 +1,88 @@
|
|||
# cf https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl/27931596#27931596
|
||||
# create with openssl req -config openssl.conf -new -x509 -sha256 -newkey rsa:2048 -nodes -keyout test.key -days 365 -out test.crt
|
||||
|
||||
[ req ]
|
||||
default_bits = 2048
|
||||
default_keyfile = server-key.pem
|
||||
distinguished_name = subject
|
||||
req_extensions = req_ext
|
||||
x509_extensions = x509_ext
|
||||
string_mask = utf8only
|
||||
|
||||
# The Subject DN can be formed using X501 or RFC 4514 (see RFC 4519 for a description).
|
||||
# Its sort of a mashup. For example, RFC 4514 does not provide emailAddress.
|
||||
[ subject ]
|
||||
countryName = Country Name (2 letter code)
|
||||
countryName_default = US
|
||||
|
||||
stateOrProvinceName = State or Province Name (full name)
|
||||
stateOrProvinceName_default = NY
|
||||
|
||||
localityName = Locality Name (eg, city)
|
||||
localityName_default = New York
|
||||
|
||||
organizationName = Organization Name (eg, company)
|
||||
organizationName_default = Example, LLC
|
||||
|
||||
# Use a friendly name here because it's presented to the user. The server's DNS
|
||||
# names are placed in Subject Alternate Names. Plus, DNS names here is deprecated
|
||||
# by both IETF and CA/Browser Forums. If you place a DNS name here, then you
|
||||
# must include the DNS name in the SAN too (otherwise, Chrome and others that
|
||||
# strictly follow the CA/Browser Baseline Requirements will fail).
|
||||
commonName = Common Name (e.g. server FQDN or YOUR name)
|
||||
commonName_default = Example Company
|
||||
|
||||
emailAddress = Email Address
|
||||
emailAddress_default = test@example.com
|
||||
|
||||
# Section x509_ext is used when generating a self-signed certificate. I.e., openssl req -x509 ...
|
||||
[ x509_ext ]
|
||||
|
||||
subjectKeyIdentifier = hash
|
||||
authorityKeyIdentifier = keyid,issuer
|
||||
|
||||
# You only need digitalSignature below. *If* you don't allow
|
||||
# RSA Key transport (i.e., you use ephemeral cipher suites), then
|
||||
# omit keyEncipherment because that's key transport.
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = digitalSignature, keyEncipherment
|
||||
subjectAltName = @alternate_names
|
||||
nsComment = "OpenSSL Generated Certificate"
|
||||
|
||||
# RFC 5280, Section 4.2.1.12 makes EKU optional
|
||||
# CA/Browser Baseline Requirements, Appendix (B)(3)(G) makes me confused
|
||||
# In either case, you probably only need serverAuth.
|
||||
# extendedKeyUsage = serverAuth, clientAuth
|
||||
|
||||
# Section req_ext is used when generating a certificate signing request. I.e., openssl req ...
|
||||
[ req_ext ]
|
||||
|
||||
subjectKeyIdentifier = hash
|
||||
|
||||
basicConstraints = CA:FALSE
|
||||
keyUsage = digitalSignature, keyEncipherment
|
||||
subjectAltName = @alternate_names
|
||||
nsComment = "OpenSSL Generated Certificate"
|
||||
|
||||
# RFC 5280, Section 4.2.1.12 makes EKU optional
|
||||
# CA/Browser Baseline Requirements, Appendix (B)(3)(G) makes me confused
|
||||
# In either case, you probably only need serverAuth.
|
||||
# extendedKeyUsage = serverAuth, clientAuth
|
||||
|
||||
[ alternate_names ]
|
||||
|
||||
DNS.1 = funkwhale.test
|
||||
DNS.2 = node1.funkwhale.test
|
||||
DNS.3 = node2.funkwhale.test
|
||||
DNS.4 = node3.funkwhale.test
|
||||
DNS.5 = localhost
|
||||
DNS.6 = 127.0.0.1
|
||||
|
||||
# Add these if you need them. But usually you don't want them or
|
||||
# need them in production. You may need them for development.
|
||||
# DNS.5 = localhost
|
||||
# DNS.6 = localhost.localdomain
|
||||
# DNS.7 = 127.0.0.1
|
||||
|
||||
# IPv6 localhost
|
||||
# DNS.8 = ::1
|
||||
|
|
@ -1,22 +1,27 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDljCCAn6gAwIBAgIJAOA/w9NwL3aMMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNV
|
||||
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
|
||||
aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMMECouZnVua3doYWxlLnRlc3QwHhcNMTgw
|
||||
NDA4MTMwNDAzWhcNMjgwNDA1MTMwNDAzWjBgMQswCQYDVQQGEwJBVTETMBEGA1UE
|
||||
CAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
|
||||
MRkwFwYDVQQDDBAqLmZ1bmt3aGFsZS50ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOC
|
||||
AQ8AMIIBCgKCAQEAyGqRLEMFs1mpRwauTicIRj2zwBUe6JMNRbIvOUkaj2KY6avA
|
||||
7tiNti/ygBoTyJl2JK3mmLqxElqedpMhjVvYde/PyjXoZ+0Vq4FWv89LV6ZM/Scf
|
||||
TCIYwWF1ppi6GYFmU3WCIMISkKiPBtMArB0oZxiUWLmkyd8jih2wnQOpkQ20FfG0
|
||||
CtlrKlQKyAe7X3zPuqGfaMUN7J4w9g3/SC66YulbAtI1/Z4tuG8J4m2RC6jH1hVy
|
||||
364l3ifEC+m9Kax/ystfu/mkLdyQgRfOZTNf2JhS3BL8zpoWMXFK+4+7TYisrV1h
|
||||
0pzIAsoQeBB+cFOOFEwRAv0FxSWnZ+/shjnwbwIDAQABo1MwUTAdBgNVHQ4EFgQU
|
||||
sULmofttRyWUMM93IsD8jBvyCd4wHwYDVR0jBBgwFoAUsULmofttRyWUMM93IsD8
|
||||
jBvyCd4wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAUg/fiXut
|
||||
hW6fDx9f0JdB4uLiLnv8tDP35ackLLapFJhXtflIXcqCzxStQ46nMs1wjaZPb+ws
|
||||
pLULzvTKTxJbu+JYc2nvis4m2oSFczJ3S9tgug4Ppv8yS7N1pp7kfjOvBjgh6sYW
|
||||
p+Ctb5r8qvgvT9yDTeCnsqktb/OkRHlHwhRYfnuxh+96s4mzifqFUP4uCCcFYPTc
|
||||
RE0Ag3oI5sHOdDk/cdYE5PGQPjSP6gzn0lsrz1Q3x1C8+txSHzsJnvS3Ost+dwcy
|
||||
JSjDBXauy9cZv93Voevcl16Ioo7trtkp4dwAoep52vOT/KMkJ4zm19msV3BP4wMa
|
||||
BUqrV2F7twD5zw==
|
||||
MIIEiTCCA3GgAwIBAgIUYxpKxPZIyG2n6qTPNESvYX/VpkowDQYJKoZIhvcNAQEL
|
||||
BQAwfzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5ZMREwDwYDVQQHDAhOZXcgWW9y
|
||||
azEVMBMGA1UECgwMRXhhbXBsZSwgTExDMRgwFgYDVQQDDA9FeGFtcGxlIENvbXBh
|
||||
bnkxHzAdBgkqhkiG9w0BCQEWEHRlc3RAZXhhbXBsZS5jb20wHhcNMjAwMTA5MTM0
|
||||
ODMyWhcNMzAwMTA2MTM0ODMyWjB/MQswCQYDVQQGEwJVUzELMAkGA1UECAwCTlkx
|
||||
ETAPBgNVBAcMCE5ldyBZb3JrMRUwEwYDVQQKDAxFeGFtcGxlLCBMTEMxGDAWBgNV
|
||||
BAMMD0V4YW1wbGUgQ29tcGFueTEfMB0GCSqGSIb3DQEJARYQdGVzdEBleGFtcGxl
|
||||
LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL1SKznmggF6IaCF
|
||||
4Jq+CHl9x8tmteQkws+ix65J2Id104fSibrRK8If3LMbKlrmXrpXFIl1TvDGPJQd
|
||||
emcJhy3tFXR0eRqPTyqOfwxVy4AW7plMpemsoDrk8uONtwUdwmNNRsPeppIIEov7
|
||||
aj6SWGLzFUjoKwHbXsfy2ff80/9EP7zkJr1ts6VPbPafExDKT225OoANlZ4B3bOG
|
||||
bviWcP5+HuWUolA1wcyIqLXpc9Lw1M6NsC252sgje9IBpx1NhGe5QNAg5p3BA75/
|
||||
jbOQH0qSo1xm9cV+FNQJpBybnZ5wuUEgsPJ87MtTIbr0cM5IiarUr/kvyg4sywDV
|
||||
e07Aaw0CAwEAAaOB/DCB+TAdBgNVHQ4EFgQU9wRYbfo7sxyDITOZCK0H8udIaiww
|
||||
HwYDVR0jBBgwFoAU9wRYbfo7sxyDITOZCK0H8udIaiwwCQYDVR0TBAIwADALBgNV
|
||||
HQ8EBAMCBaAwcQYDVR0RBGowaIIOZnVua3doYWxlLnRlc3SCFG5vZGUxLmZ1bmt3
|
||||
aGFsZS50ZXN0ghRub2RlMi5mdW5rd2hhbGUudGVzdIIUbm9kZTMuZnVua3doYWxl
|
||||
LnRlc3SCCWxvY2FsaG9zdIIJMTI3LjAuMC4xMCwGCWCGSAGG+EIBDQQfFh1PcGVu
|
||||
U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAmXD3
|
||||
pjwYG4M4NTixkxs9KvdQE5yDqOMEh5ZMygA7/kRbKrYLaFgDYYsNlRFqJNz3sDLe
|
||||
jTU663Eur5TdwTNiksa11VB3qKCrgQIzhjOavofF0ODfaNBtHtBWwEcpq0t2MnWP
|
||||
kWot/kqpUcphbx5zyzqHHjiSnNUu16PS/lepNZyQIrfSy23+WIEYEiTbDYqS38SX
|
||||
p8Pc+i9hQyeOwo4CYnuoPcIRtL/zsFl7WnWKVqXqr7w0PDWus226xO2ZMMLRkMi5
|
||||
scufzyGBJAsedlCXIbJ+azYlZ2yTr98C7ffEA1PSuhO7wTUim/LUo0UBC/bs6wpc
|
||||
ZxMkNLp6IaHhNEIeyA==
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
|||
|
|
@ -1,28 +1,28 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDIapEsQwWzWalH
|
||||
Bq5OJwhGPbPAFR7okw1Fsi85SRqPYpjpq8Du2I22L/KAGhPImXYkreaYurESWp52
|
||||
kyGNW9h178/KNehn7RWrgVa/z0tXpkz9Jx9MIhjBYXWmmLoZgWZTdYIgwhKQqI8G
|
||||
0wCsHShnGJRYuaTJ3yOKHbCdA6mRDbQV8bQK2WsqVArIB7tffM+6oZ9oxQ3snjD2
|
||||
Df9ILrpi6VsC0jX9ni24bwnibZELqMfWFXLfriXeJ8QL6b0prH/Ky1+7+aQt3JCB
|
||||
F85lM1/YmFLcEvzOmhYxcUr7j7tNiKytXWHSnMgCyhB4EH5wU44UTBEC/QXFJadn
|
||||
7+yGOfBvAgMBAAECggEBAMVB3lEqRloYTbxSnwzc7g/0ew77usg+tDl8/23qvfGS
|
||||
od6b5fEvw4sl9hCPmhk+skG3x9dbKR1fg8hBWCzB0XOC7YmhNXXUrBd53eA8L3O9
|
||||
gtlHwE424Ra0zg+DEug3rHdImSOU4KDwxpV46Jh+ul1+m8QYNFFdBqXSQxrHmAXj
|
||||
MQ6++rjoJ+bhucmjBouzMYXHTGhdae3kjDFrFJ4cUsH6F03NcDwS+AmZxa/DWQ/H
|
||||
SoBQBeLoE6I1aKhLgY91yO1e7CtSzS2GFCODReN4b3cylaR7jE7Mg87TZcga6Wfa
|
||||
Xcd120VVlVq6HmZc/Xob7aUim3AuY2er8bcvmg1XOsECgYEA5EMM5UlpLdNWv1hp
|
||||
5IMvkeCbXtLJ3IOHO0xLkFdx0CxaR9TyAAqIrSh1t9rFhYqLUNiOdMc2TqrvdgEU
|
||||
B/QZrAevWRc5sjPvFXmYeWSCi/tjRgQh4jClWDX/TlfAlP55z2BFyMPMX6//WbBQ
|
||||
5aL9xymTymzFFcaE8EytT5Jz8rUCgYEA4MVF3IkaQepl6H1gf2T6ev+MtGk9AGg9
|
||||
DSJpio7hfMcY5X3NrTJJFF9DJFXqfo3ILOMyUpIUHqkCGKXil0n9ypLp4vq7l+6c
|
||||
m1gtKFXh7uKAV4XtSnR0nuK/N10JJp2HbbFYGlziRaa1iEPAFvLDQHu4jyf5sXyV
|
||||
HvreuQgGWRMCgYEAlUaQKWaP5UsfoPUGE04DjwfvM9zv7EkL6CimBhhZswU+aVmG
|
||||
haZd6bfa/EiTAhkvsMheqVoaVuoMvgRIgEcPfuRrtPyuW68A/O9PWpvzj+3v5zsO
|
||||
maisiPqPI0HaDNY6/PZ9zKTXhABKIvJehT7JbjTvlOL7JJl2GNxcPvyM3T0CgYEA
|
||||
tnVtUKi69+ce8qtUOhXufwoTXiBPtJTpelAE/MUfpfq46xJEc+PuDuuFxWk5AaJ2
|
||||
bHnBz+VlD76CRR/j4IvfySGZWvfOcHbyCeh6P9P3o8OaC3JcPaRrRs8qCfcsBny6
|
||||
AwGDU2MzCvdZRVQ6CmbmuOG13//DYaCQLKXZRrqM7KECgYEAxDsqtyHA/a38UhS8
|
||||
iQ8HqrZp8CuzJoJw/QILvzjojD1cvmwF73RrPEpRfEaLWVQGQ5F1IlHk/009C5zy
|
||||
eUT4ZaPxLem6khBf7pn3xXaVBGZsYoltek5sUBsu/jA+4Sw6bcUmhBRBCs98JGpR
|
||||
DVJtvOTk9aGW8M8UbgqwW+e/6ng=
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC9Uis55oIBeiGg
|
||||
heCavgh5fcfLZrXkJMLPoseuSdiHddOH0om60SvCH9yzGypa5l66VxSJdU7wxjyU
|
||||
HXpnCYct7RV0dHkaj08qjn8MVcuAFu6ZTKXprKA65PLjjbcFHcJjTUbD3qaSCBKL
|
||||
+2o+klhi8xVI6CsB217H8tn3/NP/RD+85Ca9bbOlT2z2nxMQyk9tuTqADZWeAd2z
|
||||
hm74lnD+fh7llKJQNcHMiKi16XPS8NTOjbAtudrII3vSAacdTYRnuUDQIOadwQO+
|
||||
f42zkB9KkqNcZvXFfhTUCaQcm52ecLlBILDyfOzLUyG69HDOSImq1K/5L8oOLMsA
|
||||
1XtOwGsNAgMBAAECggEAAbgEQnNQTNkiAwYUIvOEui2lKbiWACtBRYdRzshG2fv8
|
||||
3qfPrk2F2y5U359ohAjBZWmy+wiAnfj+xc16tgLFImqbnkIMc2xHqLhAeQkyXshW
|
||||
hDfI7dUuYzp+5gf8WGSLxkEGWnLkCkFegbzXmxfTC5rvX4kUEuE9/Ay9Y938wr2E
|
||||
26qdRGxtfVsnFFkLXmj50W3AyF6nBRqZsaS2x8JpHTdw7AjevpL/au2nz1p1rTK9
|
||||
6cR/V4Hy+dtXLgm0mLdg1G+CJmanjqiweaD4+m91rFTagFIFKf/t5i4IZMu/BLT7
|
||||
OuylxvEnvZH4p3aSOF1ME0Uv4n2Pzb7Iov/ZZ52/AQKBgQD4qnuj4V3ASXqsraMH
|
||||
m5MtpBlKAZkngWFesi5ZFijgyutfbIcCPwFOGuXmcaTMj9HtTIwAki+mxkN87UmV
|
||||
ZM+em2ZJz6srRGvIGN5CMJaJtOPdh3iMjI5QdefJ5gkk207YKzKVw4sw5C+tr4Sr
|
||||
Uyf3K5ttL+CS5bo26CVXGLlpwQKBgQDC55wrgIzC1VDoFU0N2AZqU31tpP2DTIxc
|
||||
eu4PqEMF0hjtTh4R5JHR827PmcW3VCaZ1+Fet8+yJ5nZTHWJlFyIg3dIyebn9dau
|
||||
Yy256S+/1tq7ACmTzw3tn/125g4Is6Sz8yHdZ1YejHqyrK8nmyxuHJVEpWgLI+Ru
|
||||
U9qQAQqcTQKBgAYb2hG6lZ0FsRfQ5DJppgH3CBADXgnUadnzsqPJoZN0KLgdaGur
|
||||
tJKAoqk4nX3RAq07tizFappEQKAvDCG5akhRNQAXM/NKKQOvaLZjjy8u3HIyw8lg
|
||||
IpbjbqBNIGhhYtx4ozN+rEq1MF6p8y5qSo8N6TGTfYbeUebLaS9skhGBAoGAcmZF
|
||||
uRb8CAPzODYAg0awBUq6DVhRYPbWUBXrk48cv9bgwLEgXzo9CPGMshe9AG1JNvWK
|
||||
l/Dl3Nj3qZ8CQl2trocTxcqUWMRoXPVjyoJ/f2eZ/TcMMHDQ6RAGUvqXdC4VV3Y3
|
||||
A2B7IPUts6A+Ms4W1w654o//sMJBeyyG1g12b+UCgYEA9oLi1licSby9pGuuZXqf
|
||||
q5zyGzM3adQzOrUNR+GTOAnoQD7tcz2jTvlmn0yv66NzBoy8FAD+UNOiMGipe8Au
|
||||
1Y3XVCeYho0crCRJP3/fLLmjNe1P/Ijgujpb5jEgCA91opWSpqRVjIspGU0YOApU
|
||||
jCCVQukqEnud65ur9FLD4a8=
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
|
|||
Loading…
Reference in New Issue